backtop


Print 5 comment(s) - last by AntDX316.. on Aug 5 at 7:11 AM

He'll present the findings at Black Hat

A hacker plans to show how passenger jets could be at risk for attacks via their Wi-Fi and in-flight entertainment systems. 
 
According to Reuters, Ruben Santamarta -- a consultant with cyber security firm IOActive -- will present how to hack the satellite communications equipment on passenger jets at this week's Black Hat hacking conference in Las Vegas. 
 
Santamarta reportedly published a 25-page research report in April, which described multiple bugs in firmware used in satellite communications equipment. He discovered the vulnerabilities by reverse engineering the firmware that is used to operate communications equipment. 
 
More specifically, he decoded firmware made by Cobham Plc., Harris Corp, EchoStar Corp's Hughes Network Systems, Iridium Communications Inc. and Japan Radio Co Ltd.


The risk here is that a hacker could use a plane's onboard Wi-Fi signal or inflight entertainment system to hack into more sensitive systems, potentially disrupting or modifying satellite communications. This could further interfere with the aircraft's navigation and safety systems. 
 
One vulnerability that Santamarta said he found in equipment made by all of the above-listed manufacturers was the use of "hardcoded" log-in credentials. This lets service technicians access any piece of equipment with the same login and password, but allows hackers to retrieve those passwords and use the credentials to access crucial systems.
 
The manufacturers have responded to Santamarta's paper, saying the risk of a hack is small, but that they'll look into his findings. 
 
Santamarta said he would respond to the comments from manufacturers during his presentation at Black Hat. 

Source: Reuters



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Hacking aircraft
By Usairsmitty on 8/4/2014 5:20:42 PM , Rating: 2
This is bull crap been working on civilian airliners for over 40 years the system does not work that way. There would have to be some direct input from the aircrew not going to happen sorry to bust everyone bubble ACARS does not work like that this guy is a clown talking a lot




RE: Hacking aircraft
By drycrust3 on 8/4/2014 6:30:39 PM , Rating: 2
The problem isn't something like ACARS, it is the more "mission critical" systems like interrupting the update to flight plan data downloads from INMARSAT or spoofing GPS signals.


RE: Hacking aircraft
By ritualm on 8/5/2014 12:33:29 AM , Rating: 2
On first glance, yeah it's not a big deal. Now consider what happened to MH17 - and think what a hacker can do to ensure a repeat of that scenario.

As usual, however, nobody gives two sh!ts until such a hack occurs in the wild.


not just airplanes
By CalaverasGrande on 8/4/2014 4:47:54 PM , Rating: 2
This is a problem with leased copiers, postage machines and so on. When we got our current multifunction copiers they still had the account info from the firm that had them before. There were even scanned documents in memory.
This was easily accessible from the standard service account or from my admin login.




it's actually an opening for
By AntDX316 on 8/5/2014 7:11:15 AM , Rating: 1
it's an opening for the gov't to hack the aircraft if the plane gets compromised from outside means of control

it's just the discovery happened from someone smart enough like the ppl who made the opening on purpose for the gov't




"It's okay. The scenarios aren't that clear. But it's good looking. [Steve Jobs] does good design, and [the iPad] is absolutely a good example of that." -- Bill Gates on the Apple iPad














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki